first firewall with pf

Michael K. Smith - Adhost mksmith at
Thu Mar 26 09:33:41 PDT 2009

Hello Eric:

Hi everyone,

Can you provide a little more information about your topology?  Right now, you only have one interface defined in your rules, but you are attempting to pass traffic between two subnets.  That would suggest you have two interfaces and, if so, both need to be accounted for in your rules below.  You'll have to have pass/block rules for both.  It looks like this: -> le0 <firewall> -> (some other interface) ->

Could you tell me if that is correct?



----- Original Message Snipped -----
Thanks for all your input so far. I have tried to implement all you suggestions but have gotten stuck. I set up a test machine in the office with the ip  and encountered the following problems:

when I enables antispoofing the firewall didn't work 

when I tried allowing the subnet it worked ok but when i tried connecting from machines on the 172.16 subnet I was unable to connect. 

Can you please let me know what I'm doing wrong? 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 474 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list